case 'report_user': // Report an user // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('user'); if (!$current_User->check_status('can_report_user')) { // current User status doesn't allow user reporting // Redirect to the account activation page $Messages->add(T_('You must activate your account before you can report another user. <b>See below:</b>'), 'error'); header_redirect(get_activate_info_url(), 302); // will have exited } $report_status = param('report_user_status', 'string', ''); $report_info = param('report_info_content', 'text', ''); $user_ID = param('user_ID', 'integer', 0); $user_tab = param('user_tab', 'string'); if (get_report_status_text($report_status) == '') { // A report status is incorrect $Messages->add(T_('Please select the correct report reason!'), 'error'); $user_tab = 'report'; } if (!param_errors_detected()) { // add report and block contact ( it will be blocked if was already on this user contact list ) add_report_from($user_ID, $report_status, $report_info); $blocked_message = ''; if ($current_User->check_perm('perm_messaging', 'reply')) { // user has messaging permission, set/add this user as blocked contact $contact_status = check_contact($user_ID); if ($contact_status == NULL) { // contact doesn't exists yet, create as blocked contact create_contacts_user($user_ID, true); $blocked_message = ' ' . T_('You have also blocked this user from contacting you in the future.');
/** * Report a user * * @param integer reported User ID * @param string reported user status (fake, guidelines, harass, spam, other ) * @param string more info * @return mixed 1 on success false on error */ function add_report_from($user_ID, $status, $info) { global $DB, $current_User, $localtimenow; $UserCache =& get_UserCache(); $reported_User = $UserCache->get_by_ID($user_ID, false); if (!$reported_User) { // if user doesn't exists return false return false; } $result = $DB->query('REPLACE INTO T_users__reports( urep_target_user_ID, urep_reporter_ID, urep_status, urep_info, urep_datetime ) VALUES( ' . $DB->quote($user_ID) . ', ' . $DB->quote($current_User->ID) . ', ' . $DB->quote($status) . ', ' . $DB->quote($info) . ', ' . $DB->quote(date2mysql($localtimenow)) . ' )'); if ($result) { // if report was successful send user reported notificaitons to admin users $email_template_params = array('login' => $reported_User->login, 'email' => $reported_User->email, 'report_status' => get_report_status_text($status), 'report_info' => $info, 'user_ID' => $user_ID, 'reported_by' => $current_User->login); // send notificaiton ( it will be send to only those users who want to receive this kind of notifications ) send_admin_notification(NT_('User account reported'), 'account_reported', $email_template_params); } return $result; }